Re: RFD: Kernel release numbering
From: Chris Wright
Date: Thu Mar 03 2005 - 11:59:58 EST
* Linus Torvalds (torvalds@xxxxxxxx) wrote:
> On Thu, 3 Mar 2005, Jeff Garzik wrote:
> In fact, if somebody maintained that kind of tree, especially in BK, it
> would be trivial for me to just pull from it every once in a while (like
> ever _day_ if necessary). But for that to work, then that tree would have
> to be about so _obviously_ not wild patches that it's a no-brainer.
>
> So what's the problem with this approach? It would seem to make everybody
> happy: it would reduce my load, it would give people the alternate "2.6.x
> base kernel plus fixes only" parallell track, and it would _not_ have the
> testability issue (because I think a lot of people would be happy to test
> that tree, and if it was always based on the last 2.6.x release, there
> would be no issues.
>
> Anybody?
Andres Salomon (-as patches) and I have been talking about that at least
regarding security fixes. It's worth trying in a more complete and
formalized way. Guess I can be branded a sucker ;-)
> I'll tell you what the problem is: I don't think you'll find anybody to do
> the parallell "only trivial patches" tree. They'll go crazy in a couple of
> weeks. Why? Because it's a _damn_ hard problem. Where do you draw the
> line? What's an acceptable patch? And if you get it wrong, people will
> complain _very_ loudly, since by now you've "promised" them a kernel that
> is better than the mainline. In other words: there's almost zero glory,
> there are no interesting problems, and there will absolutely be people who
> claim that you're a dick-head and worse, probably on a weekly basis.
>
> That said, I think in theory it's a great idea. It might even be
> technically feasible if there was some hard technical criteria for each
> patch that gets accepted, so that you don't have the burn-out problem.
>
> So let's loook at how we could set that up. We need:
>
> - a sucker who wants to do this, or a company that pays for somebody good
> to do this (and remember: "good" here doesn't necessarily have to mean
> technical genius, it's about taking abuse and being stable). The whole
> setup should be such that there can never be any question about the
> patches for _other_ reasons (to avoid the sucker becoming a target for
> abuse), so this person really to some degree would be fairly
> mechanical.
>
> Don't make it automated, though. That just gets us down the path of
> flaming about the scripts and automation. And I'm not claiming that we
> should aim for somebody _stupid_, I'm just claiming that it takes a
> certain kind of person to do something that is not all that glamorous,
> and that puts you in the spot.
>
> We don't ever want to have that spark of "wouldn't this be cool" in
> this project.
>
> - some very _technical_ and objective rules on patches. And they should
> limit the patches severely, so that people can never blame the sucker
> who does the job. For example, I would suggest that "size" be one hard
> technical rule. If the patch is more than 100 lines (with context) in
> size, it's not trivial any more. Really. Two big screenfuls (or four,
> for people who still use the ISO-ANSI standard 80x24 vt100)
>
> Also, I'd suggest that a _hard_ rule (ie nobody can override it) would
> also be that the problem causes an oops, a hang, or a real security
> problem that somebody can come up with an exploit for (ie no "there
> could be a two-instruction race" crap. Only "there is a race, and
> here's how you exploit it"). The exploit wouldn't need to be full code
> that gets root, but an explanation of it, at least.
>
> - a vetting process. You'd have ten people, and five of them would have
> to sign off on the patch, and even a single veto would shoot it down.
>
> Again, this is really to protect the sucker, and make it possible to
> work: I don't think this can work with a creative person (everybody
> else calls me "flaky", and I much prefer that "creative" word, it sounds
> so much better), which I personally believe means that we don't _want_
> people like Alan, Andrea, Andrew etc etc that have historically maintained
> their own trees that sometimes have tried to do something like this.
>
> - Finally: this tree never has any history past the "last release". When
> a new kernel comes, the tree is frozen, and never to be touched again.
I like this definition. The only remaining question is what determines
a 2.6.x.y release? One patch? Sure if it's critical enough.
> If somebody _else_ wants to base things off this special "sucker tree",
> and make a fourth level tree that is based on the _previous_ stable
> tree, that's fine, but that's a separate process. He would be totally
> free to do so, but the rule is that this particular maintenance program
> _never_ gets stuck on an old kernel, like the vendor trees always are.
>
> This is not a long-range tree, it would _purely_ be about one thing and
> one thing only: the last stable kernel. The people involved (sucker and
> vetters all) would never have to remember two different trees, or care
> about problems that aren't in the top-of-tree. Keep ti simple, and keep
> the rules clear.
>
> Does this mean that some patches would never go into this tree? Yes. It
> would mean that patches that some people might feel very _strongly_ are
> good patches would never ever show up in this tree, but on the other hand,
> I can see this tree being useful regardless, and I think the lack of
> flexibility in this case is actually the whole _point_ of the tree. The
> lack of flexibility is the very thing that makes this be the kind of base
> that anybody else can then hang their own patches on top of. There should
> never be a situation where "I'd like that tree, but I think xxxx was done
> wrong".
>
> Might something like this make people happier? (I wrote "happy" rather
> than "happier" at first, but let's face it, people are better at whining
> than they are at being happy ;)
Heh, maybe people are happiest when they are whining ;-)
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/